FAQ about overall Tkey

# FAQ about overall Tkey ### 1. What is a polynomial, Lagrange interpolation, threshold, Shamir secret sharing ? - Polynomial is an expression consisting of variables and coefficients. f(x) = x + 9 is an example of a polynomial. - Lagrange interpolation makes the unique polynomial of lowest degree that interpolates the given data. Ex. (0,1) and (1,2) will interpolate to f(x) = x+1 - Threshold is the level or point at which something starts to happen. In tkey's context, threshold represents the minimum number of share required to reconstruct the polynomial. m/n means that m shares are required out of n to construct the polynomial. - SSS is used to secure a secret in a distributed way, most often to secure other encryption keys. In our case, private key is converted into shares, the secret can be reassembled when a sufficient number of shares are combined. ### 2. What is public polynomial, pub poly id ? Let me first explain the original polynomial. Tkey makes it possible to store the final key to be used in the blockchain,by dividing it into several shares using the shamir secret sharing technique. ![](https://i.imgur.com/67DQ5Au.png) Public polynomial is another polynomial created with the "coefficients" of the original polynomial. In other words, points which are stored in public polynomial have nothing to do with "shares" in original polynomial. ``` pub fn get_public_polynomial(&mut self) -> Result<PublicPolynomial, TKeyError> { let mut commitments: Vec<Point> = vec![]; for i in 0..self.polynomials.len() { let pt = get_public_key_point(&self.polynomials[i])?; commitments.push(pt) } let poly = PublicPolynomial::new(commitments, None)?; self.public_polynomial = Some(poly.clone()); Ok(poly) } ``` For example, assume that original polynomial is y=2x+5. The public polynomial becomes a polynomial with the public key derived from 2 and 5 as a point. ![](https://i.imgur.com/5HlOs3R.png) pub poly id is derived from this public keys. It's nothing but concatnation of public key string equivalent. Obviously, polynomial made from a combination of certain public keys is unique. So each public polynomial has a unique value of pub poly id as well. ### 3. What are shares, share stores? What is the relationship between share and share store? Sharestore includes share. Sharestore consists of - share (share + shareIndex) + polynomialID (string) Actually share is a private key (256 bit), it has no meaning on its own. With shareIndex which conducts the role as x value, share becomes a unique point in the coordinate system. Also by given polynomial ID, we can specify a unique point of certain polynomial. ### 4. What is metadata? What different kinds of data exists on metadata? What guarantees does the metadata provide ? Each share has its own metadata. Metadata is an json object. Metadata consists of ``` - pubkey. This is the public key of tkey. - publicPolynomials. Keeps track of polynomial ids and its indexes for all epochs. - publicShares. keeps track of all public shares for all epochs. - polyIDlist. List of all polynomial IDs for all epochs. - generalStore - Public data about shares. For example, {share1: "hello", share2: "I am on iphone"}. - It allows us to figure out what each share means - tkeyStore - data about final key - stores - Password TkeyStore Item (id and answer) - SeedPhrase TkeyStore Item (id, item type, seed phrase, num of wallets) - scopedStore (Share private data, internal usage) - This is used to send data to a particular share. Currently, it is only used by catchupToLatestShare which is internal. - Nonce. Incremented everytime metatdata changes. ``` So by looking into the metadata, we can check the integrity of the share. With information of polynomials, it is possible to determine whether the original polynomial composed of the shares is normal or not. Also store data lets you to check more detailed information of share itself. ### 5. What is a storage layer ? How is the storage layer different from s3 or google drive or SQL DB ? The storage layer serves as a persistent data store for storing encrypted metadata. The difference between storage layer and s3 google drive or SQL DB is that storage layer essentially non-existing. We can run anywhere we want. Its upto the storage layer to decide how the APIs work. Checkout IStorageLayer for the storage layer interface. ``` interface IStorageLayer extends ISerializable { storageLayerName: string; getMetadata<T>(params: { serviceProvider?: IServiceProvider; privKey?: BN }): Promise<T>; setMetadata<T>(params: { input: T; serviceProvider?: IServiceProvider; privKey?: BN }): Promise<{ message: string }>; setMetadataStream<T>(params: { input: T[]; serviceProvider?: IServiceProvider; privKey?: BN[] }): Promise<{ message: string }>; acquireWriteLock(params: { serviceProvider?: IServiceProvider; privKey?: BN }): Promise<{ status: number; id?: string }>; releaseWriteLock(params: { id: string; serviceProvider?: IServiceProvider; privKey?: BN }): Promise<{ status: number }>; } ``` These are the 2 classes which imports IStorageLayer interface in tkey typescript. 1. TorusStorageLayer: This works in conjunction with torus-metadata-js. It will encrypt the data locally before sending to backend server. 2. MockStorageLayer: This is local JSON storage in memory. Useful in running tests locally. ### 6. What is a service provider? What is the difference between postbox key (google login) and service provider share ? After a social login (google, passwordless etc) is completed, frontend receives a JWT token. Once this token is revealed to torus nodes (CustomAuth), the frontend will receive a private key. This key is called a "postbox" key. Service provider takes postbox key as an input. Each postbox is linked to "Service provider share". This share is share associated with tkey. ![](https://i.imgur.com/d9uBsQs.png) So why not use the postbox key directly as share? Such separation allows us to update the service provider share without changing the keys on nodes. It provides fast execution time and independence from the torus network to the tkey module. Also this seperation makes service Providers no need to return private key itself. They just need to fulfill the interface: ``` encrypt(msg: Buffer): Promise<EncryptedMessage>; decrypt(msg: EncryptedMessage): Promise<Buffer>; retrievePubKey(type: PubKeyType): Buffer; retrievePubKeyPoint(): curve.base.BasePoint; sign(msg: BNString): string; ``` ### 7. What is the initial threshold do we start with ? When we start initializing, we don't have any sharestore. So we have to initialize a new key. function `initialize_new_key()` returns 2/2 shares (also returns private key). One is service provider share, and the other is device share. Here is the overall flow of initialize new key: 1. generate degree-1 random polynomial, and 2 share indexes 2. Now we have polynomial and share indexes, so can generate share 3. Create metadata and push share indexes 4. And then return 2 sharestores with private key Note that: - private key can be randomly generated, but key-importing is also supported - Device share is stored in localStroage, and service provider share is splited into auth network (torus node) ### 8. Can we create m/n threshold tkey ? If yes, how do we do it, describe steps ? Case 1) m/n to m/n+1 - We can generate new share from the existing polynomial - After generation, update the metadata Case 2) m/n to m+1/n+1 - we can, dealing with Case1 + increase threshold by 1 - Generate a new share - And then create the new polynomial, with degree increased by 1 - update the metadata If we combinate case1, 2 we can create m/n theshold key, so yes. ### 9. How does delete share work ? Here's the overall flow of deleteShare: - share indexes are given as a parameter, get sharestore_to_delete via func output_share_store - Get the public polynomial from metadata, and also old share indexes - Compare the index, and just leave the new indexes - Check it has enough shares even if we delete shares - run Refresh share : generate new polynomial with given threshold and new share indexes - Add local metadata transitions and return (ends)